I set up a new port (2514/TCP) to receive logs messages from VMware Workspace One. I notice this new port was not writing the log messages to the file specified. (Other ports for other products work fine) I can see the messages come in when I run tcpdump, but they do not end up getting written to a file. When I looked at the /var/log/nxlog/nxlog.log file, I noticed a LOT of messages like this: ```2021-07-07 22:44:31 INFO connection accepted from 10.42.32.149:60599``` ```2021-07-07 22:44:31 WARNING TCP connection closed from 10.42.32.149:60599: End of file found``` I tried to google the error, but could not fine anything about it. My config file includes this: ``` Module xm_syslog Module im_tcp Port 2514 Host 0.0.0.0 Exec parse_syslog(); Module om_file File "/log/SYSLOG_vmwarelog/VMWARELOG_" + $Hostname + ".log" CreateDir TRUE Exec to_syslog_bsd(); Path vmwarelogtcp => vmwareout ``` Any ideas? Thank you

Hi,

so, it looks like the connection with VMWare is made:

2021-07-07 22:44:31 INFO connection accepted from 10.42.32.149:60599

but this suggests the connection is closed by the same party:

2021-07-07 22:44:31 WARNING TCP connection closed from 10.42.32.149:60599: End of file found.

I'd suggest checking VMWare conf first - maybe there's something in VMWare's logs?

Best regards,
Rafał